CSC/ECE 517 Fall 2023 - E2369. Reimplement duties controller.rb and badges controller.rb
Topic Overview & Prior Work
Background
duties_controller.rb
The actions defined by this duties_controller include create, update, and remove. The new duty is saved to the database using the create action. The update action is used to update the duty in the database, while the edit action renders the form for editing an existing duty. Lastly, a duty can be removed from the database by using the delete action. All things considered, Expertiza's Duties module aids in the management of duties.
badges_controller.rb
A new Badge instance is created by the controller using the user-supplied parameters through the use of the create action. If an image file is attached, it additionally saves it and modifies the badge instance's image_name attribute.
Previous Work
The prior implementation of the duties and badges controllers was based on a Rails MVC application rather than strictly as an API built on Rails. The handling of requests and responses did not align with the API architecture, thus needing adjustments to ensure a more suitable API-style communication. Furthermore, the previous implementation lacked comprehensive testing, a crucial aspect that needs attention in the reimplementation.
Planned Work
Functions to implement
Functionalities for Duties
- Create Action: Implement the functionality to add and persist new duties to the database.
- Edit Action: Develop the mechanism to modify existing duties, providing a form for editing duties.
- Update Action: Enhance the capability to update existing duties already stored in the database.
Functionalities for Badges
- Create Action: Implement the creation process for new badges, utilizing user-provided parameters.
- Image Handling: Develop a mechanism to handle attached image files, ensuring their storage.
- Update Action: Enhance the functionality to update the image_name attribute associated with a badge instance, especially when an image is attached.
Notes for Reimplementation
- Ensure that all interactions with the controllers adhere to API conventions, returning data in JSON format.
- Thoroughly test all REST endpoints for both duties and badges, covering various scenarios to validate their functionality. Comprehensive testing should encompass both success and failure scenarios.
Implementation
Duties Controller
class Api::V1::DutiesController < ApplicationController before_action :set_duty, only: %i[ show update destroy ]
index Method:
Function: Retrieves all duties.
HTTP Verb: GET
URL Endpoint: /duties
Description: Fetches all duties from the database using the Duty.all method and renders a JSON response containing all duties.
# GET /duties def index @duties = Duty.all render json: @duties, status: :ok end
show Method:
Function: Retrieves a specific duty.
HTTP Verb: GET
URL Endpoint: /duties/:id
Description: Finds a duty by its ID and renders a JSON response containing the specific duty
# GET /duties/1 def show render json: @duty, status: :ok end
create Method:
Function: Creates a new duty.
HTTP Verb: POST
URL Endpoint: /duties
Description: Creates a new duty by instantiating a Duty object with the provided duty parameters from the request (duty_params).
# POST /duties def create @duty = Duty.new(duty_params)
if @duty.save render json: @duty, status: :created, location: @duty else render json: @duty.errors, status: :unprocessable_entity end end
update Method:
Function: Updates an existing duty.
HTTP Verb: PATCH/PUT
URL Endpoint: /duties/:id
Description: Updates an existing duty specified by its ID using the provided duty parameters from the request (duty_params).
# PATCH/PUT /duties/1 def update if @duty.update(duty_params) render json: @duty else render json: @duty.errors, status: :unprocessable_entity end end
destroy Method:
Function: Deletes a duty.
HTTP Verb: DELETE
URL Endpoint: /duties/:id
Description: Finds a specific duty by its ID and destroys (deletes) it. It then renders a JSON response with a success message
# DELETE /duties/1 def destroy @duty.destroy render json: { message: "Duty was successfully destroyed." }, status: :ok end
set_duty Method (Private):
This method is used as a callback to set the @duty instance variable by finding the duty based on the :id parameter. It is used before the show, update, and destroy actions to set up the specific duty being operated on.
private # Use callbacks to share common setup or constraints between actions. def set_duty @duty = Duty.find(params[:id]) end
duty_params Method (Private):
Filters the duty parameters received from the request, allowing only specific parameters (:name, :assignment_id, :max_members_for_duties) to be used for creating or updating a duty. It uses Rails' strong parameters for security.
# Only allow a list of trusted parameters through. def duty_params params.require(:duty).permit(:name, :assignment_id, :max_members_for_duties) end end
Badges Controller
class Api::V1::BadgesController < ApplicationController before_action :set_badge, only: %i[ show update destroy ]
index Method:
HTTP Verb: GET
Endpoint: /badges
Functionality: Retrieves all badges.
Description: Fetches all existing badges from the database using Badge.all and returns a JSON array containing all badge records.
# GET /badges def index @badges = Badge.all render json: @badges, status: :ok end
show Method:
HTTP Verb: GET
Endpoint: /badges/:id
Functionality: Retrieves a specific badge.
Description: Finds and retrieves a particular badge by its ID from the database. The method responds with a JSON object containing the details of the specific badge.
# GET /badges/1 def show render json: @badge, status: :ok end
create Method:
HTTP Verb: POST
Endpoint: /badges
Functionality: Creates a new badge.
Description: Instantiates a new badge using the parameters provided in the request (badge_params).
# POST /badges def create @badge = Badge.new(badge_params)
if @badge.save render json: @badge, status: :created, location: @badge else render json: @badge.errors, status: :unprocessable_entity end end
update Method:
HTTP Verb: PATCH/PUT
Endpoint: /badges/:id
Functionality: Updates an existing badge.
Description: Modifies the attributes of an existing badge based on the parameters received in the request (badge_params).
# PATCH/PUT /badges/1 def update if @badge.update(badge_params) render json: @badge, status: :ok else render json: @badge.errors, status: :unprocessable_entity end end
destroy Method:
HTTP Verb: DELETE
Endpoint: /badges/:id
Functionality: Deletes a badge.
Description: Locates a specific badge by its ID and removes it from the database.
# DELETE /badges/1 def destroy @badge.destroy render json: { message: 'Badge was successfully destroyed.'}, status: :ok end
set_badge Method (Private):
Function: Sets up a specific badge for other actions.
Description: A callback method that finds and assigns the @badge instance variable based on the :id parameter before executing the show, update, and destroy actions.
private # Use callbacks to share common setup or constraints between actions. def set_badge @badge = Badge.find(params[:id]) end
badge_params Method (Private):
Function: Filters and permits badge parameters for security.
Description: Filters the badge parameters received in the request, allowing only specific parameters (:name, :description, :image_name, :image_file) to be utilized for creating or updating a badge.
# Only allow a list of trusted parameters through. def badge_params params.require(:badge).permit(:name, :description, :image_name, :image_file) end end
Testing Methodology
In our testing process, we harnessed the power of Swagger UI to comprehensively evaluate the functionality and security of our API endpoints. Swagger UI provided an intuitive and interactive platform for sending various types of requests and scrutinizing responses. However, to ensure that the endpoints were secure, we implemented an authorization mechanism using a YAML file. This YAML file allowed us to generate tokens, particularly for the /login endpoint, which was pivotal in our authentication process. By leveraging Swagger UI a, we methodically tested the endpoints, covering a spectrum of scenarios, including positive and negative cases.
Conclusion
In conclusion, the reimplementation project for the Duties and Badges modules within Expertiza holds significant importance in aligning the existing functionalities with API standards and rectifying the deficiencies identified in the previous implementation.
The Duties module, managed by the duties_controller.rb, plays a pivotal role in handling duties' creation, editing, and deletion within the system. Likewise, the Badges module, governed by the badges_controller.rb, oversees the creation and management of badges, including the handling of image files.
The prior implementation's primary shortcomings revolved around treating the system as a traditional Rails MVC application rather than as a Rails API. This resulted in non-compliance with API standards in handling requests and responses, which this reimplementation aims to rectify. Additionally, the inadequacy of testing procedures highlighted the necessity for a comprehensive testing suite covering various scenarios to ensure the robustness and reliability of the system.
The planned work includes adhering strictly to API-style interactions, returning data in JSON format, and implementing thorough testing for all REST endpoints, ensuring the functionalities for both Duties and Badges are rigorously verified across success and failure scenarios.
By addressing these issues and meticulously implementing the planned functionalities, this reimplementation aims to enhance the system's efficiency, robustness, and adherence to API conventions, ensuring a more reliable and scalable platform for managing duties and badges within Expertiza.
Useful Links
- Github Repository: https://github.com/R3Rex31/reimplementation-back-end
- Pull Request:
Contributors
Group members:
Siddhi Mule
Rishabh Muzhangathu
Aditi Gulabchand Varma
Mentor:
Renji Joseph Sabu